Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2024-55926: Xerox Workplace Suite allows unauthorized file access and deletion
CVE-2024-55926
Summary
A security flaw in Xerox Workplace Suite can be exploited to access, upload, and delete sensitive files on the server. This can lead to unauthorized access to confidential data. Update the software to the latest version to fix the issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| xerox | workplace_suite |
< 5.6.701.9 cpe:2.3:a:xerox:workplace_suite:*:*:*:*:*:*:*:* |
Original title
A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validation of headers, atta...
Original description
A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validation of headers, attackers can gain unauthorized access to data
nvd CVSS3.1
9.8
Vulnerability type
CWE-22
Path Traversal
CWE-434
Unrestricted File Upload
Published: 23 Jan 2025 · Updated: 15 Jun 2026 · First seen: 6 Mar 2026